Wasn’t sure about this and not in a position to test myself.
Out of interest, if I have 3 different IPs on a WAN interface and I apply a src-nat, masquerade, out=WAN interface rule, would traffic just be masqueraded as the first IP I applied to the interface? Or is there a system that the router uses to decide?
Masquerade does slight magic when deciding which IP address to use for SRC-NAT and gracefully handles changes. But I don’t think it handles multiple IP addresses on egress interface in any particular way, so it probably simply uses one (possibly the first one configured).
Interesting question… Maybe try out-interface-list=WAN? Although your should have covered it, if it was to every work.
Thanks for the replies! That’s fair, I don’t really need it to work it just came up while I was working on something else and I realised I’ve never really thought about it. I always just assumed it just did the first address configured on the interface.